Select Page

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) safeguards the privacy of patients by protecting any sensitive Patient Health Information (PHI). Before this Act, there was no structured guidance for the healthcare industry in the U.S. to protect patient data. However, with the rise of EHR and EMR, HIPAA has become significant in ensuring safety and integrity of PHI. That’s why, ToothCE is on a mission to help you to get your dental team to be compliance-ready for HIPAA. 

No, HIPAA Compliance Training is NOT Optional for Your Dental Team

Your dental team must undergo extensive and hands-on HIPAA compliance training. It doesn’t matter whether you own a billion-dollar dental care chain or run a one-person dental office. 

In fact, the training requirements are not limited to your dentists, nurses, technicians, and other staff. Business associates like IT providers and subcontractors like dental equipment suppliers come into the fold too. They all need to be trained on what information is protected by the HIPAA Privacy Rule and how best to protect the same. 

However, the Training Can be Tailored to the Role of Each Individual. 

The HIPAA Privacy Rule states that compliance training must be “as necessary and appropriate for the members of the workforce to carry out their functions.” This implies that HIPAA compliance doesn’t require everyone to receive the same rigour of training.  

While the Act doesn’t elaborate any further, you can follow a simple rule of thumb. Train your dental team, business associates and subcontractors based on the extent to which they are involved in handling PHI. 

For example, an employee or a business associate may not be responsible for:

  • Taking consent from patients regarding sharing their data
  • Providing PHI-related notice to patients
  • Storing or retrieving sensitive patient data

In that case, they don’t need to be trained in these aspects. However, anyone who comes in direct contact with critical patient data must be trained in-depth on the HIPAA requirements.

Two Types of HIPAA Compliance Training for Your Dental Team

HIPAA Awareness Training – Must for All

Everyone in your dental team as well as your associates and subcontractors need to undergo the HIPAA Awareness training course. This is required by the HIPAA Privacy regulations. The three aspects of HIPAA – transactions, privacy, and security – are covered in this. Everyone related to your dental business should get trained on these, without exceptions.

HIPAA Security Training – Advanced, Role-based Curriculum

The HIPAA Security training is a technical course on setting up safeguards and fail-safes for protecting patient health information. The courses are primarily focused on safeguarding electronic data, such as  taking data backups, powering off computers in an emergency, encrypting and decrypting data, checking networks for security, handling malicious software, passwords and user authentication, etc. 

Given the technical nature of this course, it only needs to be taken by those implementing HIPAA Security for your dental practice. Examples include the HIPAA compliance officer, your dental IT staff, dental business owners, and so on. 

ToothCE is an industry-leading training platform for HIPAA, OSHA and other compliance needs for dental offices in the U.S. To know more about our dental office training solutions, please visit toothce.com or contact us at contact@toothce.com.

Deepti Sahi
Author: Deepti Sahi